This configuration is for Stand-Alone only. The Citrix plug-in can only send username/ip information, http, https, and ftp traffic. To avoid double filtering with the current Stand-Alone Filtering Service + Network Agent, you will need to enter exceptions on the monitoring interface for all Citrix servers running the Citrix plug-in. You will then need a second Filtering Service and Network Agent integrated with Citrix. The "integrated" Network Agent is needed so that it will only monitor/block "protocol" traffic, not http. A second stand-alone Network Agent will not work as you do not want NA monitoring HTTP traffic that the Citrix Plug-in are already forwarding to the Filtering Service.
- Another port span is needed to mirror traffic coming from the Citrix Server(s). This can be on the existing switch or another switch the Citrix traffic traverses.
- For versions 7.6 to 8.5 and later: deploy a new Citrix Client profile with the new IP address. See Integrating Forcepoint URL Filtering with Citrix for information.
- For versions 7.5.x and earlier: in the wscitrix.ini file, located in the ...\websense\bin directory of the Citrix Server(s), edit the Filtering Service IP to point to the new Filtering Service integrated with Citrix, then restart the Citrix plug-in service.
- The new Network Agent will handle the protocol traffic while the Citrix plug-in is still handling the username/ip information, http, https, and ftp traffic.
- In v7.6.x and later, Citrix integration does not use the WsCitrix.ini file.
- Before upgrading an existing installation to v7.6.x, use Windows Add/Remove Programs on the Citrix server to remove the existing (previous version) Citrix Integration Service.
- If you find a WsCitrix.ini file on a v7.6.x machine, old components were not removed properly.
- If adding the Filtering Service IP address to a WsCitrix.ini file fixes a problem after v7.6.x installation, you’ve just re-enabled the v7.5.x Citrix integration, and your new, v7.6.x Citrix Integration Service is not being used. (It may, however, be degrading the performance of your v7.5.x components.) To fix the problem, completely remove Websense components from the Citrix server, and then deploy the v7.6.x Citrix Integration Service again.